Knowledge Base

Network

Expand allClose all

Loopback Sonicwall Policy

Creating Loopback Policy

Unfortunately, you can not do a loopback in standard OS. You need to control NAT policy and standard OS does not allow that to happen. If it was enhanced OS, then you would created a NAT policy as shown below. This would direct traffic from the networks behind the Sonicwall to the WAN IP and the back to the server’s private address. If you server has its own public IP, then you would use that object for the Translated Source and Original destination.

An example of a loopback NAT policy.

Mark as helpful. 0

Terastation goes into standby or sleep mode

One of the possible reason to happen the TeraStation automatically shuts down, the “Auto Power Mode” or “Sleep Timer” function is in operation.
•Check the settings of Auto Power Mode.
The power switch or the Auto Power Mode is set to “AUTO” mode, the product will be turned OFF with all the PC installed NAS Navigator2 is not activated on the network.

1.Set the Auto Power Mode switch to “MANUAL”.
or
2.Boot the PC installed NAS Navigator2.

•Check the settings of Sleep Timer function.
If the Sleep Timer is set while the Auto Power Mode is under the “Manual” mode, the power of the TeraStation is turned OFF at the designated time.
* (The Sleep Timer function cannot be used when Auto Power Mode is set to “AUTO”.)

1.Check / change the settings and timing of the Sleep Timer function.
2.Click [System]-[Power Management]-[Sleep Timer] on the settings screen of the product.
3.Click [Modify Settings] of the Sleep Timer function.
4.Specify [Timer Interval], [Wake up at] and [Begin Sleep at], and click [Save].
*The procedure varies depending on your product type. Refer to the product manual for operation.

Mark as helpful. 7

Disabling IPV6

Don’t just disable it in the network settings make sure it is also disabled in the registry.

Link to disable it:

http://support.microsoft.com/kb/929852
Just click Fix it for me icon where it says Disable IPv6 and reboot the server.

Mark as helpful. 0

Problems starting IPSEC service

If you have problems restarting the IPSEC service and a restart doesnt fix it then try this

REG DELETE HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\
Policy\Local /F

REG ADD HKLM\System\CurrentControlSet\Services\IPSEC /V
Start /T REG_DWORD /F /D 1

Mark as helpful. 0

How to configure Primary and Secondary DNS Server

When configuring your DNS server, you must be familiar with the following concepts:
• Forward lookup zone
• Reverse lookup zone
• Zone types

A forward lookup zone is simply a way to resolve host names to IP addresses. A reverse lookup zone allows a DNS server to discover the DNS name of the host. Basically, it is the exact opposite of a forward lookup zone. A reverse lookup zone is not required, but it is easy to configure and will allow for your Windows Server 2008 Server to have full DNS functionality.

When selecting a DNS zone type, you have the following options: Active Directory (AD) Integrated, Standard Primary, and Standard Secondary. AD Integrated stores the database information in AD and allows for secure updates to the database file. This option will appear only if AD is configured. If it is configured and you select this option, AD will store and replicate your zone files.

A Standard Primary zone stores the database in a text file. This text file can be shared with other DNS servers that store their information in a text file. Finally, a Standard Secondary zone simply creates a copy of the existing database from another DNS server. This is primarily used for load balancing.

To open the DNS server configuration tool:
1.Select DNS from the Administrative Tools folder to open the DNS console.
2.Highlight your computer name and choose Action | Configure a DNS Server… to launch the Configure DNS Server Wizard.
3.Click Next and choose to configure the following: forward lookup zone, forward and reverse lookup zone, root hints only (Figure E).
4.Click Next and then click Yes to create a forward lookup zone (Figure F).
5.Select the appropriate radio button to install the desired Zone Type (Figure G).
6.Click Next and type the name of the zone you are creating.
7.Click Next and then click Yes to create a reverse lookup zone.
8.Repeat Step 5.
9.Choose whether you want an IPv4 or IPv6 Reverse Lookup Zone (Figure H).
10.Click Next and enter the information to identify the reverse lookup zone (Figure I).
11.You can choose to create a new file or use an existing DNS file (Figure J).
12.On the Dynamic Update window, specify how DNS accepts secure, nonsecure, or no dynamic updates.
13.If you need to apply a DNS forwarder, you can apply it on the Forwarders window. (Figure K).
14.Click Finish (Figure L).

Mark as helpful. 0

Verify if BESadmin account can access a user account in Exchange

The BlackBerry® Enterprise Server requires permission to access each BlackBerry device user’s mailbox to process email messages. The IEMSText.exe tool runs a test to verify whether the Windows®account has the Send As permission in Microsoft® Exchange so that the BlackBerry Enterprise Server can access user accounts. The IEMSText.exe tool does not verify whether the BlackBerry Enterprise Server can send email messages on behalf of a BlackBerry device user. 1.Copy the BlackBerry® Enterprise Server installation files to the computer that you want to install the BlackBerry Enterprise Server on.
2.Extract the contents to a folder on the computer.
3.Navigate to \Tools.
4.Double-click IEMSTest.exe.
5.In the Profile Name drop-down list, select the profile names for the user accounts.
6.Click OK.
7.In the left pane, select the user accounts that you want to check.
8.Click Select.
9.Click OK.

Mark as helpful. 0

Block Instant messaging (IM) – Sonicwall

* Navigate to the Firewall > App Control Advanced page. (In Gen5 TZ devices this page would be under Security Services > App Control Advanced)  * Check the box under Enable App Control and click on Accept at the top of the page.  * Under View Stye: Category, select IM  * Click on the configure button to bring up the Edit App Control Category window.  * Select Enable under Block  * Select Enable under Log  * Select All under Included Users/Groups  * Click on OK to save the settings.

To block the web chat we would need to add the forbidden list on Content Filter with ” chatenabled.mail.google.com” for gtalk.

Mark as helpful.

Clear recycle bin for all users on workstation or server

Run this from Command prompt. If you run into issues you can run it from elevated command prompt

  • For Windows 7 or Server 2008 enter this command:

    rd /s c:\$Recycle.Bin

  • For Windows XP, Vista, or Server 2003 enter this command:

    rd /s c:\recycler

Mark as helpful.

Packet Capture on Meraki Devices

Packet captures allows you to analyze the traffic passing between the wireless client and AP, as well as the AP and the wired LAN.  Every MR access point supports live packet capture via the Dashboard interface. This powerful tool grants great insight into potential issues can be used by network administrators to troubleshoot a wide number of issues.

 

Taking a Live Packet Capture

Navigate to Monitor -> Packet Capture in Dashboard.

Select your AP

Select the APs for which you would like to perform a packet capture.  It is possible to select all of the APs in your network, or isolate specific APs. It is also possible to select Air Marshal APs or Non Air Marshal APs only.

Select your Output

Choose your preferred output method. Dashboard supports live capture output, which can be useful for rapid debugging. If you prefer to view packet captures within a 3rd party application (e.g. WireShark) or you want preserve the capture for later reference, you can also choose to download the capture into a pcap file.

Capture Size

The capture will stop after 60 seconds, or when 5000 packets have been captured.

Other options

Ignore Options

You can choose to ignore both Multicast and/or Broadcast packets. This will remove packets destined to multicast and/or broadcast MAC addresses.

Filter Expressions

You can optionally enter a filter expresssion to narrow the packets displayed or captured. Here are a few sample filter expressions:

host 10.1.27.253
packets to and from ip address 10.1.27.253
host 10.1.27.253 and port 53
packets to and from ip address 10.1.27.253 and TCP or UDP port 53 (DNS)
icmp[icmptype] != icmp-echo and icmp[icmptype] != icmp-echoreply
all ICMP packets that are not echo requests/replies (i.e., not ping packets):
ether host 11:22:33:44:55:66
packets to and from ethernet host 11:22:33:44:55:66

Mark as helpful.

Force Update Buffalo Linkstation NAS

**NOTE** -This must be done from a Windows machine. Apple Computers or Linux computers cannot perform this operation in the firmware updater.

 

Oldest Models – HD-HTGL/R5, HS-DTGL/R5,

 

1. Download the appropriate firmware for your NAS from our website (http://www.buffalotech.com/support/downloads) and the Nas Navigator (http://www.buffalotech.com/support/getfile/nasnavi-243wr.zip ).

 

2.  Reboot your PC in to safe mode with networking. **NOTE**-  Only do this step if you are having issues updating. This is to remove the possibility of firewalls, antivirus or any software preventing the firmware update from working. If you feel that this is not necessary you can try skipping this step. If it does not work then please try this.

 

3. **NOTE**- Only do this is if you are having issues updating while the unit is on the network. If having issues follow this to remove unit from the network.** Set your computer’s IP address to a static IP address of 192.168.11.1 with subnet 255.255.255.0. A default gateway is not required nor is DNS. Attach unit to Pc via ethernet.   NOTE: If you don’t know how to change your IP address on your computer you can find out how to do that for Windows (XP, Vista or 7).

 

4. Extract the files on to your desktop

5. Right click on the NASupdater application and go to Send To->Desktop (Create Shortcut)

6. Right click on the newly created shortcut and choose Properties

7. In the target line you will see:

"C:/[Path to your Desktop]/[Your NAS firmware folder]/NASupdater.exe"

 

On the right side of the end quotation you’ll want to add:

         [spacebar]/force

     

    8. Click on the Compatibility tab in the window and choose to “Run this program in compatibility mode with Windows 2000”

     

    9. Boot unit while holding the reset button.

     

    10. Run the shortcut and choose update.

     

    FINAL NOTE: Upon completing a firmware update you’ll want to restore the device to it’s factory defaults to remove any footprints from the previous firmware (same version or no). You can do this by logging in to the web interface, choosing maintenance, initialization and choose restore (does not delete data or shares).

     

     

     

     

     

    Old Models:

                           TeraStations -HS-DHTGL/R5, TS-HTGL/R5, TS-ITGL/R5, TS-RITGL/R5, TS-RHTGL/R5, 

     

                           LinkStations -HD-HLAN,LS-LGL, HS-DHGL, LS-GL, LS-WTGL-V1

     

    1. Download the firmware for your respective unit and the Nas Navigator (http://www.buffalotech.com/support/getfile/nasnavi-243wr.zip ). If you are unsure of your model then double check by posting on our forum.
    2. Extract the files on to your desktop.
    3. Open up the tsupdater.ini or lsupdater.ini file (You may not see the “ini” file extension. It’s file type is “Configuration File”.) The icon you see will look like one of the following.

     

            (XP Icon

    .ini file icon for XP

            ) (Vista Icon

    .ini file icon for Vista

          )

    4.   You should see text closely resembling the following:

    [Application]

    Title = BUFFALO "<Your Model number>" Updater Ver.x.x.x

    WaitReboot = 480

    WaitFormat = 500

    [Target] ProductID = "<Your Model number's product ID>">

    Name = "<Your Model number>"

    [Flags]

    VersionCheck = 1

     

    5.   You’ll want to change the “VersionCheck = 1” value to 0 and then hit Enter a couple of times to go to new lines and add in the following:

    [SpecialFlags]

    Debug = 1

     

    6.   Once these changes are made you’ll want to save the ini file.

    7.   Open the tsupdater or lsupdater file with the following icon next to it (some variations may occur):

    8.   The firmware application window will open. Right click on the title bar of the firmware update window (Blue,green or gray in XP, Transparent in Windows 7 and Vista)  and choose Debug (D). The resulting window will pop up:

     

    9.  Make sure the options in your window are checked exactly as shown above **NOTE**: You can also choose “Delete User-Config” To restore settings on the unit through the updater. You can also choose “rebuild partition table” to completely format the unit during the update. If you wish to format and you have noformating = 1 in the .ini file, change the 1 to a 0.

    10.  Click OK

    11.  Click Update

     

    **NOTE** If you are having issues with the firmware update not finding the unit or you are getting errors please try these troubleshooting steps.

     

    • Try resetting your unit by holding down the reset button
    • 1. Boot your PC in to Safe Mode With Networking and attach the unit directly to your PC. This will prevent any firewalls, antivirus or softwares from preventing the updater from doing its job. Example: Updater cannot find the unit or pass authentication.

    2. Hold the reset button while booting the unit which will boot the unit in to Emergency Mode (EM Mode). The reset button is on the back of the Linkstations and is behind the door underneath the LCD screen on the TeraStations.

     

    3. When the unit boots (LinkStations – solid power light, TeraStations – When you see the host name of the unit) run the Nas Navigator. If the Nas Navigator cannot find the unit hold the reset button on the unit for 10 seconds and give it 1-2 minutes to reset.  If the Nas Navigator finds the unit but the unit is at an IP other than 192.168.11.150, hold the reset button on the unit for 10 seconds and give it 1-2 minutes to reset. . Then set your computer’s IP address to a static IP address of 192.168.11.1 with subnet 255.255.255.0. A default gateway is not required nor is DNS. Attach unit to Pc via ethernet.  The unit should  NOTE: If you don’t know how to change your IP address on your computer you can find out how to do that for Windows (XP, Vista or 7). The Nas Navigator should now find  the unit at 192.168.11.150. If the unit continues to receive 169.254.x.x address then simply set your PC’s IP to a similar 169.254.<“same # here”>.X address.

     

    4. Perform regular steps to continue flashing firmware.

     

    • If the Nas Navigator cannot find the unit, make sure to change out the Ethernet cable, make sure the Ethernet port on your Pc is enabled, try another Ethernet port or try a different computer.

     

     

     

     

    Newer Models:

     

                    TeraStations –        TS-QVHTL/R6, TS-WXTL/1D, TS-WXTL/R1, TS-XETL/R5,TS-IXTL/R5, TS-RIXTL/R5, TS-XTL/R5, TS-RXTL/R5, TS-6VHTL/R6, TS-8VHTL/R6,

     

                     LinkStations –        LS-WXTL/R1,LS-CTL, LS-XTL, LS-CHL, LS-WSXTL/R1, LS-VTL, LS-WTGL/R1-V3, LS-WVTL/R1, LS-XHTL, LS-QVTL/R5, LS-QTL/R5

     

    • Download the firmware for your respective unit and the Nas Navigator (http://www.buffalotech.com/support/getfile/nasnavi-243wr.zip ). If you are unsure of your model then double check by posting on our forum.
    • Extract the files on to your desktop.
    • Open up the tsupdater.ini or lsupdater.ini file (You may not see the “ini” file extension. It’s file type is “Configuration File”.) The icon you see will look like one of the following.

     

            (XP Icon

    .ini file icon for XP

            ) (Vista Icon

    .ini file icon for Vista

          )

    4.   You should see text closely resembling the following:

    [Application]

    Title = BUFFALO "<Your Model number>" Updater Ver.x.x.x

    WaitReboot = 480

    WaitFormat = 500

    [Target] ProductID = "<Your Model number's product ID>">

    Name = "<Your Model number>"

    [Flags]

    VersionCheck = 1

    NoFormatting = 1

     

    5.   You’ll want to change the “VersionCheck = 1” value to 0 and then hit Enter a couple of times to go to new lines and add in the following:

    [SpecialFlags]

    Debug = 1

     

    6.   Once these changes are made you’ll want to save the ini file.

    7.   Open the tsupdater or lsupdater file with the following icon next to it (some variations may occur):

    8.   The firmware application window will open. Right click on the title bar of the firmware update window (Blue,green or gray in XP, Transparent in Windows 7 and Vista)  and choose Debug (D). The resulting window will pop up:

    Mark as helpful. 9

    Convert Sonicwall Export into a text file

    You can create a tech support report which is readable. Depends on the firmware how to create it.
    For a newer model go to: ‘System’ – ‘Diagnostics’. On the top of the screen you can create and download a .WRI file (wordpad).

    Rename the diagnostic file to sonicwall.txt

    Then use Windows powershell and use this command

    (get-content sonicwall.txt) -replace ‘\&’,”`n” |out-file readable.txt

    Mark as helpful. 1

    Logon Failure: The Target Account Name is Incorrect

    Fix “Logon Failure: The Target Account Name is Incorrect” Error

    Reset Machine Account Passwords using Netdom.exe

    netdom resetpwd /s:server /ud:domain\User /pd:*

    The /s:server is the name of another domain controller in which the KDC service is running. That server will be used for setting the machine account password.

    The other two parameters are simply the user name and password for a domain administrator account.

    You will need to install the Windows Server Support Tools from the CD-ROM. Once installed, you have to stop the Kerberos Key Distribution Center service and set the Startup Type to Manual.

    Note that this method basically is fixing a problem with replication between two domain controllers. Sometimes replication can fail because the secret password between the domain controllers gets out of sync.

    Make sure replication between your domain controllers is actually working!

    Mark as helpful. 0

    Export logs for HP Aruba Switch

    HP ProCurve Switches — Capturing the “show tech all” File

    AskProCurve Article

    Title:

    HP ProCurve Switches — Capturing the “show tech all” File

    Available Part Numbers:

    J4812A,J4813A,J4819A,J4848A,J4848B,J4849A,J4849B,J4850A,J4861A,J4865A,J4887A,J4888A,J4899A,J4899B,J4899C,J4900A,J4900B,J4900C,J4901A,J4903A,J4904A,J4905A,J4906A,J8151A,J8152A,J8164A,J8165A,J8166A,J8167A,J8692A,J8693A,J8697A,J8698A,J8699A,J8700A,J8762A,J8770A,J8772A,J8773A,J8775A,J9019A,J9019B,J9020A,J9021A,J9022A,J9030A,J9049A,J9050A,J9064A,J9085A,J9086A,J9087A,J9088A,J9089A,J9137A,J9138A,J9145A,J9146A,J9147A,J9148A,J9279A,J9280A,J9298A,J9299A,J9447A,J9448A,J9470A,J9471A,J9472A,J9473A

    Issue Description:

    How is the “show tech all” captured?

    Solution:

    Use one of the three following methods in order to capture the “show tech all” from an HP ProCurve Switch.

    NOTE: The HP ProCurve Switches 2524 and 2512 do not recognize the command, “show tech all”. For these switches, issue the command, “show tech”.

    Method 1:

    1. Launch a TFTP server utility, and ensure that it is configured to send and receive files. In addition, configure the Base Directory appropriately;

    2. Ensure that the switch and PC are provisioned with IP ranges within the same subnet;

    3. Within the CLI of the HP ProCurve Switch, type the command: copy command-output “show tech all” tftp <tftp server IP addr> <filename>;

    4. Next, issue the command: copy crash-data tftp <tftp server IP addr> <filename> crashdata.bin;

    5. Also issue the command: copy crash-log tftp <tftp server IP addr> <filename> crashlog.bin;

    6. Forward a copy of the file in accordance with the instructions provided by HP Support.

    Method 2:

    Use the following method in case no TFTP server is available:

    1. Go to the Windows ‘Start’ menu and choose ‘Run’;

    2. Type “telnet <ip address> -f C:\showtech.txt”;

    3. Press Enter;

    4. Open a Telnet session with the HP ProCurve Switch, and type the command “show tech all”;

    5. After the output of the “show tech” command has finished scrolling past, type the command “logout”;

    6. The resulting file is saved to the root of the C:\ drive.

    Method 3:

    If the Switch possesses no IP address, it is necessary to capture the text with the help of a VT100-compliant terminal emulator.

    1. Using the serial console cable in tandem with a terminal emulator, log into the switch;

    2. Configure the application to capture text;

    3. On the local drive, specify a location and file name for the textual output;

    4. Type “show tech all” within the CLI of the switch;

    5. Forward the file per the instructions provided by HP Support.

    Modified Date:

    Mark as helpful. 0

    How to back up configuration and update firmware on HP ProCurve 1810 & 1820 series switches

    To back up your configuration:

    1. Log into your HP switch web console.
    2. Go to Maintenance Backup Manager.
    3. For Backup Method, select HTTP.
    4. Leave Server IP and File Name fields blank.
    5. For Backup Type, select Configuration.
    6. Click Apply.
    7. Don’t disturb the browser window while the backup is in progress. It may take about three minutes for the backup to complete.

    Now you’re ready to update the firmware. Go to the HP website, enter the model number of your switch in the search bar, and download firmware version 1.20 or higher. You must reboot the switch after the update is complete.

    To update the firmware:

    1. Log into your HP switch web console.
    2. Go to Maintenance Update Manager.
    3. For update method, select HTTP.
    4. Click Browse to select the designated file.
    5. Leave Server IP and File Name fields blank.
    6. For Update Type, select Code.
    7. In the Image field, choose Active.
    8. Click Download.
    9. When the file transfer is complete, you’ll see a status of File Transfer is completed successfully. Click Reboot Switch.

    Once your switch reboots, the update is complete.

    Mark as helpful. 0

    Update HP Switch Firmware

    Go to https://h10145.www1.hpe.com/support/SupportLookUp.aspx and type in the switches model number, then select your switch and click “Show selected items”

    2

    Next, click on “Software downloads”

    3

    Select the most recent version and download the firmware

    If the current firmware version is substantially older than the most recent, review the information on the download page and the Release Notes to verify that you can update directly to the new version.

    4

    Copy the .swi file from the downloaded firmware folder to your root TFTP folder. On Solarwinds it is located at C:\TFTP-Root

    5

    Log into the switch and backup the current config

    Before you update the firmware, backup the current config. Save any changes by running

    #write memory

    Then, copy the config to the TFTP server.

    #copy startup-config tftp <IP address of TFTP> <config name>.cfg

    6

    Enter the menu interface on the switch

    The firmware can be downloaded from CLI, but this tutorial will cover the menu interface way of downloading it. You can enter the menu from the CLI by running:

    #menu

    7

    Select the option Download OS from the menu

    8

    Fill in the information about the file transfer and select “eXecute”

    First, make sure the Method is set to “TFTP” and change the TFTP Server to the IP address of your computer. Then, change the Remote File Name to the name of the .swi file on the TFTP server.

    9

    Reboot and verify that the firmware has been updated

    Once the firmware finishes installing, the switch will need to be rebooted for the changes to take effect. You can then verify it updated successfully by running:

    #show version

    Mark as helpful. 0

    Update Time on HP Switch

    You can do this by login on to the console:

    Type:> Configure

    Type :>Clock Set 13:08

    Type :>Clock Set 06/11/2015

    Type :>Time timezone -300

    Type :>time daylight-time-rule Continental-US-and-Canada

    Type :>Write Memory

    Mark as helpful. 0